Password encryption
During application design, any sensitive information such as password may be encrypted for security purpose. You may change the key and salt used in a Joget Workflow server to further enhance its security.
Making changes to the key and salt will render all passwords unusable in an existing server therefore it is only recommended to do during initial server installation.
Import/Export App
In an exported app, any password saved in the application design will be encrypted as well. Hence, when the app is imported into another server, be sure to reconfigure all saved password as servers with different key and salt would render the passwords unusable.
Locate the file customApplicationContext.xml in \apache-tomcat-8.5.14\webapps\jw\WEB-INF\classes and add in line 6-9 as shown below.
<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-2.5.xsd">
<bean id="dataEncryption" class="org.joget.apps.workflow.security.SecureDataEncryptionImpl">
<property name="salt" value="NEW-VALUE-GOES-HERE"/>
<property name="key" value="NEW-VALUE-GOES-HERE"/>
</bean>
</beans>
Replace line 7 and 8 salt and key value to your own one.